Report a Security Bug

To report a security issue in Koha, click here.

Bugs reported in this fashion are visible only to the reporter and to members of a Koha security group. Core members of the security group are the current release manager, the release maintainers for all active versions, and the QA team.

Thank you for helping to keep Koha secure.


Please report security issues responsibly, giving the volunteers that work on the project adequate time to respond to your query and arrange a security release.